Question

Mail Reader with OAuth2 Support for APP10

  • 9 April 2023
  • 1 reply
  • 288 views
F
Rank
Badge +1

Since Microsoft has deprecated the Basic authentication from 31-Apr-2023 for Office 365, IFS Mail reader was stopped working. IFS has provided a patch to support OAuth2 Authentication to solve this issue. We have installed the patch and registered the application in Azure. But there is no proper guide available to configure the Access Token methods or Redirect URI in Azure.

Is anyone can assist with this here?

Bug details - 
165088 - Adding OAuth support for Mail Reader 2.
165523 - Mail reader error after enabling OAuth

 

 

1 reply

Janakee Herath
Rank
Userlevel 4
Badge +8

Hi @fahmy,

 

Since Microsoft are moving away from legacy authentication methods and Basic authentication will be deprecated, customers have to upgrade their Authentication method to OAuth2.

In the Microsoft documentation following is mentioned regarding the basic authentication disabling date. The basic authentication disabling is already in place since October 1, 2022 and only for Office 365 Operated by 21Vianet the disabling is happening on March 31, 2023.

 

--------------From MS Docuement ----------------------

In Office 365 Operated by 21Vianet, we'll begin disabling Basic authentication on March 31, 2023. All other cloud environments are subject to the October 1, 2022 date.

-----------------------------------------------------------------------

Please refer to https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#pop-imap-and-smtp-auth

 

As a solution for this situation IFS has released a patch (165088, 165523) for this. But OAuth for the IFS mail reader is not supported with POP3 mail protocol (due to an incompatibility issue with Middleware Server) and only IMAP protocol is supported. Due to this limitation, after applying the above patches the user will have to move to the IMAP protocol if they are currently using POP3 protocol. These fixes enable the OAuth support for the IFS mail reader. 

After applying above fixes the following parameters are newly introduced for IFS mail reader.

  • AUTH_METHOD
    Choose correct authentication method, Basic/ClientCredentials/AuthorizationCode. If ClientCredentials or AuthorizationCode is used, relevant permissions to read mails should be granted and configured for the user connecting to the mail server.
  • CLIENT_ID
    OAuth Client Id of the application. This is required if ClientCredentials or AuthorizationCode auth method is used.
  • CLIENT_SECRET
    OAuth Client Secret of the application. This is required if ClientCredentials or AuthorizationCode auth method is used.
  • ACCESS_TOKEN
    Valid OAuth Access token which should be obtained with the permissions to read mails for the account which is configured according to the mail server setup for the user to authenticate the request. This is required if AuthorizationCode auth method is used.
  • REFRESH_TOKEN
    Valid OAuth Refresh token obtained in the mail server setup which is used to get a new access token when the provided access token is expired. This is required if AuthorizationCode auth method is used.
  • TOKEN_ENDPOINT
    Auth Token endpoint based on the mail server setup which is used to get the valid access token with permissions to read mails for the account which is configured. This is required if ClientCredentials or AuthorizationCode auth method is used.

 

Note: If AuthorizationCode and ClientCredentials auth methods are used, valid access and refresh tokens should be used to authenticate and read mails.For that you should configure the relevant permissions to read mails for the account in your third party email server which supports OAuth.

Note: OAuth for mail reader is not supported with POP3 mail protocol (due to an incompatibility issue with Middleware Server) and only IMAP protocol is supported.

 

The values for these parameters should be obtained from your mail server side.

 

Best Regards,

Janakee

Reply


Terms & ConditionsCookie settings